PGP Employee on MKR

mark at unicorn.com mark at unicorn.com
Thu Oct 23 04:53:00 PDT 1997 



A PGP Employee wrote:
>> Unfortunately these people just don't get it. Corporations refused
>> to buy 5.0 because it did not have any way for the corps to get at
>> email encrypted to their employees. There are some very legitimate
>> uses of this, such as when an employee dies and someone else has
>> to take over for them.

No, PGP Inc 'just don't get it'. I'm sure that there are plenty of people
out there who disagree with the entire concept of CMR, and I'm not very
happy with it myself. But that's not the most important issue here.

Since this point just doesn't seem to get through to PGP Inc employees, I'm
going to shout.

FORCING ENCRYPTION TO MULTIPLE KEYS FOR ONE RECIPIENT IS ONE STEP AWAY FROM
GAK. FORCING ENCRYPTION TO MULTIPLE KEYS FOR ONE RECIPIENT IS ONE STEP AWAY 
FROM GAK! FORCING ENCRYPTION TO MULTIPLE KEYS FOR ONE RECIPIENT IS ONE STEP 
AWAY FROM GAK!! FORCING ENCRYPTION TO MULTIPLE KEYS FOR ONE RECIPIENT IS ONE 
STEP AWAY FROM GAK!! !!!*FORCING ENCRYPTION TO MULTIPLE KEYS FOR ONE RECIPIENT 
IS ONE STEP AWAY FROM GAK*!!!

Is that clear enough? Do you understand what I (and, apparently, Adam Back
and others) am saying now? The problem is not so much with the fact that
you're supporting company needs, but with the way you're doing so.

>> They also don't seem to realize that you always have the ability
>> to remove the MRK from your list of recipients.

Just as government-supported rating schemes are purely voluntary and will
be so for, oh, I don't know, a couple of years? Once the infrastructure is
there, we need only an executive order to make it mandatory. If this 
software ships in its current form and becomes the dominant player in the
market, in four or five years all keys will be GMR keys with the FBI or
NSA as one mandatory recipient. You 'privacy zealots' will have created the
government's surveillance infrastructure. I hope you'll feel proud.

>> Sometimes I really feel like screaming at these people. _All_ of
>> the developers at PGP are personal privacy zealots and no one
>> likes the idea of the MRK. 

Good. Then reimplement it to avoid giving the government a GAK/GMR
infrastructure. Yesterday I posted a modified version of PGP's CMR to
the cypherpunks list which can't be used for GAK because it only encrypts
to one key; Jon Callas just told me I'd 'redesigned PGP 5.5'. Cool. I've redesigned PGP 5.5 so that it can't support GAK; in that case, please 
implement it, or accept that you're deliberately choosing to support the 
thugs in governments around the world and have become part of the problem.

>> That is why we refuse to make them
>> required. 

Just 'mandatory voluntary' for companies which have your SMTP enforcer
enabled. What's the difference?

>> Most everyone at PGP has
>> internalized personal privacy as a cause (actually most had it
>> before they joined PGP).

So prove it. Stop working on creating a GMR/GAK infrastructure. The current
PGP CMR system has numerous problems which many people have pointed out on
the cypherpunks list, and you'd do better to solve those problems rather 
than see them in a major New York Times article about '101 Ways PGP 5.5 
Harms Company Security'. How long will PGP Inc last when it's reputation 
for providing secure products is in tatters, because it chose to release a product which deliberately reduced company security and opened them to new threats, rather than redesign their CMR to remove these problems?

The current CMR implementation is bad for us, bad for PGP Inc's commercial
customers, and bad for PGP Inc. Why is this so hard for you to accept? Why
ship a bad product when you can fix the problems?

    Mark

More information about the cypherpunks-legacy mailing list